The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
Coinspeaker

iPhone Crypto Exploit Kit: Google Warns of ‘Coruna’ Seed Phrases Theft

The iPhone crypto exploit Coruna targets outdated iOS devices, stealing wallet seed phrases through compromised sites, ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

How the DOM affects crawling, rendering, and indexing

Learn how the DOM structures your page, how JavaScript can change it during rendering, and how to verify what Google actually sees.
InfoQ

Webpack Publishes 2026 Roadmap with Native CSS Support, Universal Target, and Path to Version 6

Webpack's 2026 roadmap, led by Even Stensberg, unveils substantial enhancements aimed at modernizing the bundler. Key features include native CSS module support, universal compilation for various ...

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

Anyone can code now. What will you build?

See how anyone can build a working app or website in minutes — no coding skills required.

Compliance Doesn't Equal Protection: Protections At Payment And Beyond

Merchants must prioritize total browser-side visibility and ensure client-side security across all web pages, not just the ...
PCMag on MSN

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...